PGP Outlook plugin has major security hole
Relax, there's a patch
Posted in Software, 11th July 2002 11:35 GMT
Increase your knowledge of the latest threats to your busines
A malicious e-mail can create a buffer overrun in Network Associates' PGP plugin for MS Outlook on Windows, which in turn can be used to run arbitrary code with the user's level of privilege. At a minimum this could compromise the user's passphrase and expose his encrypted messages, and at a maximum surrender control of the machine. Attachments do not need to be activated; merely selecting the malicious message is sufficient.
PGP Desktop Security 7.0.4, Personal Security 7.0.3 and Freeware 7.0.3 are affected. NAI has a hotfix posted here. The issue was discovered by eEye's Marc Maiffret. ®
Increase your knowledge of the latest threats to your busines


The Total Economic Impact of Dell's PC products and services
The best practices guide for application security
Certify your software integrity with Thawte code signing certificates
The future of SaaS and IT infrastructure management
The mandate for application security
Google code cloud punts on-demand embarrassment
Microsoft weighs next-phase in open-source support
iTunes minus the player: hack your Apple beats
Oracle plans cloud strategy